Security Alerts & News
by Tymoteusz A. Góral

History
#1408 New cloud attack takes full control of virtual machines with little effort
The world has seen the most unsettling attack yet resulting from the so-called Rowhammer exploit, which flips individual bits in computer memory. It's a technique that's so surgical and controlled that it allows one machine to effectively steal the cryptographic keys of another machine hosted in the same cloud environment.

Until now, Rowhammer has been a somewhat clumsy and unpredictable attack tool because it was hard to control exactly where data-corrupting bit flips happened. While previous research demonstrated that it could be used to elevate user privileges and break security sandboxes, most people studying Rowhammer said there was little immediate danger of it being exploited maliciously to hijack the security of computers that use vulnerable chips. The odds of crucial data being stored in a susceptible memory location made such hacks largely a matter of chance that was stacked against the attacker. In effect, Rowhammer was more a glitch than an exploit.
Read more
#1412 This data-stealing Trojan is the first to also infect you with ransomware
#1411 Report: Smartphone infection rate doubled in first half of 2016
#1410 TorrentLocker: Crypto-ransomware still active, using same tactics
#1409 New OSX security updates patch same zero-days as iOS 9.3.5
#1408 New cloud attack takes full control of virtual machines with little effort
#1407 “Foghorn” takes users out of phish-fighting with DNS “greylisting”
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12